Joined 1 year ago
Cake day: June 1st, 2023

  • philpo@feddit.de to Selfhosted@lemmy.world: Two definitions of self hosted (11 days ago)

    You forgot the “basement dwelling gatekeepers”; these are the ones whose minds never left their parents’ basement and whose social skills, aka lack thereof, are evident in their gatekeeping.

    Their way is the only correct way and Linus has actually no idea how to run Linux, hardware manufacturers don’t know anything about their products, anyone not using their service of choice is automatically an idiot and if you don’t know how to compile xyz yourself by using a self-taught technique you really should get off the internet right now.

    Often their advice is inefficient, sometimes it’s outdated and some even blatantly lie (had one boast in a discord that he has a myriad of secret user accounts where he intentionally gives bad advice to a FOSS product he hates).

    Some also intentionally make whatever the goal is appear much harder in an effort to look smarter (that behaviour is often found in the professional world as well*).

    They are the cancerous sore of FOSS and social media, imho.

    PS: Anecdote: I work in healthcare, not IT originally. Everything I know is self-taught, therefore. Started a new consulting gig and one of these guys, very much an “IT gatekeeper”, always made the company he worked for think it takes a massive effort to install a certain product. Which made everyone’s life much harder because yes, he did install it, but he manually compiled it, which took him weeks at a time, while his other work piled up. So they tried not to use this essential product whenever possible and worked their way around it.

    I came there, saw that I needed said product and had it installed within 20min. The CEO sat right next to me and was stunned. “You prepared that, right?” “Uhm, no? You can just download and install it like this?”

    IT-Gatekeeper was asked to join the meeting asap and told to explain why they need so long. His only excuse was “I need to review all the code” - which he did diligently, but he always reviewed ALL the code, not only changes, according to his notes.

    I made the mistake of saying to myself a bit too loud “but if you compile that stuff yourself then you are liable if it breaks, if you use the advised packages from the manufacturer they are” (medical device law can be interesting). IT-Gatekeeper exploded and screamed at me how I have no idea how IT works, etc.

    He was let go shortly after that.













  • philpo@feddit.de to Selfhosted@lemmy.world: Is Radicale the way forward? (2 months ago)

    I can recommend using Cloudron but I don’t use Radicale.

    Cloudron is in no way a necessity for anyone - it’s simply me being too lazy to keep everything up to date, read all the necessary documentation for all the services we run, etc. Cloudron does all that for me - and I couldn’t be happier. Johannes, the owner, provides fast support (had two glitches with Hetzner DNS over the years) and the amount of Apps is getting wider each year, although I would rather see their range be broader (e.g. a proper Monitoring system instead of yet another project management), but that’s just me.

    In theory it’s even possible to create your own apps for cloudron, both for public and private use, but that is beyond my capabilities. It can also be used as an SSO provider and reverse proxy, btw.


  • Simply put: No.

    You need to make sure no one accesses your phone even when stolen (for a myriad of other reasons as well), so password protect it.

    This has nothing to do with WG-easy or any wireguard implementation itself - it’s simply part of Wireguard. What you could do to at least discourage an attack is to save parts of the secrets (Preshared key, public key of your network) in a password manager like bitwarden and copy and paste it into the client every time you connect - and remove it from there after you’re done. But be aware that this will only discourage a technically inept attacker - the WG client and the OS, etc. will keep enough data of these transactions around to easily find out this information and for a good attacker you actually make it easier this way. So I would clearly not recommend it. Password protect your phone.

    WAG and other solutions put another layer between your network and WG. Basically they add a captive portal and only “unlock” it once you authorised yourself there. It is not a pretty solution and you need to be aware that it easily locks you out of your own network.

    Another solution could be that you build two WG connections - one that is limited to your firewall and can exclusively connect to that device. And one that has broader access. Use the first one to enable access, the latter one for actual access. Then the first one to disable access again.

    The WG easy container should always be run behind an authentication layer, even in LAN, as it enables an attacker (who might be already in the LAN) to establish full outside connections. This can easily be achieved with a reverse proxy like Caddy/nginx proxy manager. The container then needs to be behind the proxy in its own network with only the WG port exposed. Requires a bit of work but is easily doable… And Portainer is your friend in that regard.
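
The layout described in the comment above (wg-easy on its own Docker network behind an authenticating proxy, with only the WireGuard port published), sketched as a Compose file. This is an added example, not the commenter's or the wg-easy project's own configuration; the hostnames, network and volume names, `WG_HOST` value and the UI port 51821 are assumptions to check against the release in use.

```yaml
# Added example (not from the comment). Assumed/hypothetical: hostnames,
# network and volume names, WG_HOST, and UI port 51821; check them against
# the wg-easy release you actually run.
#
# ./Caddyfile, mounted into the proxy below:
#   wg.lan.example {
#       tls internal                   # Caddy's own CA, for a LAN-only name
#       basic_auth {
#           admin <hash printed by `caddy hash-password`>
#       }
#       reverse_proxy wg-easy:51821    # reachable only over wg_ui
#   }
services:
  wg-easy:
    image: ghcr.io/wg-easy/wg-easy
    environment:
      WG_HOST: vpn.example.org         # placeholder public endpoint
    cap_add: [NET_ADMIN, SYS_MODULE]
    sysctls:
      net.ipv4.ip_forward: "1"
      net.ipv4.conf.all.src_valid_mark: "1"
    volumes:
      - ./wg-easy:/etc/wireguard
    ports:
      - "51820:51820/udp"              # only the WireGuard port is published
      # Weak variant, deliberately left out:
      # - "51821:51821/tcp"            # would expose the admin UI to the LAN
    networks: [wg_ui]
    restart: unless-stopped

  caddy:
    image: caddy:2
    ports:
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
    networks: [wg_ui]
    restart: unless-stopped

networks:
  wg_ui: {}

volumes:
  caddy_data: {}
```

With this in place, a request from another LAN host to port 51821 on the Docker host should be refused, while the proxy hostname answers with an authentication prompt.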


  • 2N Verso.

    • Works totally offline/Cloud free if required.
    • Can be integrated into any NVR&SIP environment
    • Can easily be used with plausible deniability. “Yeah, officer, I am just using it when someone rings the bell, no recording, the bell system never records, no!”
    • Very sturdy and reliable hardware
    • Offers indoor viewing stations (for the less technically adept household members)
    • PoE based, can be used with LTE in some versions.
    • Good documentation
    • With the automation licence (costs a bit extra, but is “buy once” at least) basically everything one can imagine automation wise can be achieved, including API calls, etc.
    • Can be extended with RFID, Fingerprint, Bluetooth, Induction loops, etc.

    If you want to use their cloud service you have to pay a small fee, but that’s purely optional and you can easily use your own SIP solution to avoid this. Or simply don’t answer your door from somewhere else.

    The big downside? It’s ridiculously expensive. But I mean…how often does one buy a new doorbell?


  • On a RPi 3 mod B? Not really. Load spikes have already been mentioned and especially Home Assistant is prone to them, PiHole can be, but it can be avoided (you still wouldn’t want it to update its blocking lists while you print something as it causes load spikes).

    IF you do it you need to configure it in a way that the Octopi is getting priority over everything else - which is possible with a lot of tinkering or using a VM layer like Proxmox - which is adding to the overhead again, though. This will push the 3B to its limits even more.

    Personally I would advise against it heavily. If you already have a 3B, use it for the 3D Printer and buy another device for everything else (not necessarily a Pi, Arm has its downsides - there are a lot of energy efficient x64 solutions out there these days). And then slap Proxmox on it, run HAOS, Pihole and whatever comes your way in the future on it. (Paperless and Frigate/agentNVR seem to come along the way naturally.)




  • Loxone is not worth it lately. Their device quality has gone down, integration of other services is intentionally made difficult these days and overall support is lacking. I wouldn’t buy them, even more considering that you are vendor bound and always need a central component/server for it to work.

    KNX has a very broad pricing range - from very cheap to very expensive there is basically everything, there are countless PIRs for less than 100€ and some for over 400€.

    A well planned KNX install isn’t that much more expensive (10% on average) than a conventional install and the last Loxone install estimate I saw for a project was over 20% more than KNX.

    Depends on what manufacturers and suppliers you want. Go with MDT (but avoid the GTs).