For sure.

My point was more … first time, ever, you boot a raw device, a display can be handy unless you know what you are doing. Once it survives a reboot…

After that, if you need a GUI — just run an x windows server on your main rig; interact with your remote server as the client without the need of a display.

Usually it’s handy to have a display during initial setup and cfg. Also, with x windows port forwarding … you access your server gui over a network like god intended :)

you could probably roll your own pretty easily, just prowl around /proc etc

https://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/proc.html

Or, this is our best universe and the rest just get even shittier. That’s my rainbow and unicorn fantasy / no kink shaming pls.

Or, what if hell is simply consciousness during all the shitty outcomes: the teacher runs out candy when it’s your turn, the bus drives off just when you show up, etc.

It would mean as we approach the hellspawn timeline, each one of us made it into the angel timeline too.

Odds are very high we only have one universe because multiple dimensions can be reduced via transformation, but it is progressively more difficult to transform from a lower dimension to a higher dimension: that straight 2d line is probably a straight 2d line in 3d and 4d space.

Also le boobies in class were always fun I am not sure what the hubbub is all about.

Is it something you can address with your ISP?

Changing ISP is just not an option for most people. Sometimes a different class of service will Improve link reliability.

The other thing you could consider is some kind of mobile hotspot.

If you are hosting everything, why do your need your ISP? Is it for access to your home services outside your home?

I like how you have a home smartcard. I can’t believe many do.

Why do you think cloud operators are lying?

The azure breach is interesting in that it is vs MSFT SaaS. We’re talking produce, ready to eat meals are in the deli section!

The encryption tech in many cloud providers is typically superior to what you run at home to the point I don’t believe it is a common attack vector.

Overall, hardened containers are more secure vs bare metal as the attack vectors are radically diff.

A container should refuse to execute processes that have nothing to do with container function. For ex, there is no reason to have a super user in a container, and the underlying container host should never be accessible from the devices connecting to the containers that it hosts.

Bare metal is an emotional illusion of control esp with consumer devices between ISP gateway and bare metal.

It’s not that self hosted can’t run the same level of detect & reject cfg, it’s just that I would be surprised if it was. Securing self hosted internet facing home labs could almost be its own community and is definitely worth a discussion.

My point is that it is simpler imo to button up a virtual env and that includes a virtual network env (by defn, cloud hosting).

Well with bare metal yes, but when your architecture is virtual, configuration rises in importance as the first line of defense. So it’s not just “yum —update” and reboot to remediate a vulnerability, there is more to it; the odds of a home lab admin keeping up with that seem remote to me.

Encryption is interesting, there really is no practical difference between cloud vs self hosted encryption offerings other than an emotional response.

Regarding security issues, it will depend on the provider but one wonders if those are real or imagined issues?

Operating internet-facing services in the home, in my opinion, requires a layer-3 managed switch so that internet traffic is 100% separated from home traffic, w/attendant DMZ to bridge home<-> internet-facing services safely.

L3 managed is the simplest method to contain a penetration to just the internet-facing devices (which is still pretty bad). Cloud hosting is more manageable, but you must watch the spend.

The biggest issue is a DDoS attack on the home network, which could impact internet-facing services and home clients (streaming TV, gaming, email, etc.).

Certain cloud providers are as secure, if not more secure, than a home lab. Amazon, Google, Microsoft, et al. are responding to 0-day vulnerabilities on the reg. In a home lab, that is on you.

To me, self-hosted means you deploy, operate, and maintain your services.

Why? Varied…the most crucial reason is 1) it is fun because 2) they work.

Yeah, I agree, and ultimately shame on the tv manufacturer. However many software just won’t connect so it’s not really a plex issue. If they use a library that won’t support it…

To be fair, old ssl isn’t really ssl at all & considered to be a vulnerability by a lot of libraries.

Lol

Some guy writes about how lonely he is, and a bot trims his writing by 88%.

This is a great question. The photo ecosystem is one where I haven’t found a FOSS soln that hits all the marks of subscription services. I would focus on whatever helps you search.

I do feel like if files have accurate dates in the file system and in metadata, then folders based on event make sense.

However subscription photo services are very good at automatically sorting - these dates are holidays so these pictures are probably for that holiday. Your home location is here, these pictures are over there so this must be your trip to there. These pictures have these people or animals, so these pictures are about them.

With that comes seamless integration across devices - a picture taken at time now can be seen on a tv or laptop at time +x. Etc.

I have left the FOSS photo world but am definitely interested to see where it is. With digital photography finding pictures is the real trick. using folders like a tag hierarchy at least gets you in the ball park imo. But I have no practical knowledge any more.

In general if you lose your iscsi storage you are hosed.

The way around this is replication where you write one byte to two locations and pseudo load balancing where you have an active and inactive link. When power on one storage fabric goes down you flip to the other. Iscsi isn’t really good for this use case

Microsoft says gtfo with your bios settings, they know what’s best, and that means all the checks you say you don’t want. I am guessing that’s your OS vendor…

Depends, it’s all a gamble. Think of it like this … how much do you spend on your kit? A top end GPU is $1500 USD. A decent surge protector might cost $15. However suppose you cheap out and get one for $9.99…then a surge blows thru it and smokes your mobo&gpu. how much did that $5 in savings cost you?

there is quite a bit that goes into it. And yet it’s not magic. Also, protection does wear out as load & surge is applied. So it’s not really worth it to pay top end, over and over, at least imo.

Remember power!

First and foremost, well-grounded power is essential. I haven’t done the whole house thing yet, but I am thinking about it and curious to know of other’s stories.

For surge protectors, I like GE wall taps for form factor and Furman racks when there is space & need.

For an uninterruptible power supply, I like APC. While they aren’t made in the USA like they used to (RIP), they have been reliable for me.

Network (ISP Modem, WIFI, Switch) and tower CPU are all driven by UPS power. APC UPS, at least, is always drawing off the battery, so the upstream electronics are protected…a massive surge is far more likely to take out the battery. For laptops, surge protection is enough.

I have not yet surge-protected the ISP lower power input… this is a real risk! I found a cheap one off Amazon, but I am worried it will degrade the network --> whole house may be better.

Note - I have had a lightning strike get sent down the cable line, enter the home, blow out the cable modem, traverse into the network switch, blow out the switch, and nuke every active ethernet port (NAS, Apple TV, etc.), as well as jump the wire into low power security, physically blowing a hard-wired security panel off the wall and damaging a few hard-wired security points. Pretty crazy!

I would look for something that can generate your diagram from text. There are several.

Also you should probably have some kind orchestration layer so that your architecture as text feeds both diagram and operational automation (say, ansible).

The hard part with diagrams is keeping it up to date. So if you can generate a diagram from something that MUST be up to date, it’s a 2-fer (or if your diagram can be used to generate say an ansible inventory).