Cool, I recommend it!

I have my public facing reverse proxy point to my public services, and I also have it set up as a “roadwarrior” VPN to my home. So, I can connect my phone via WireGuard to my VPS, and a local DNS resolves my private services to the private IP addresses in my home network (so, I also run a reverse proxy on my server, for internal services).

I also have an off-site backup using this — just a raspberry pi and an HDD at family’s, that rsyncs+snapshots over the WireGuard network.

I’m sure I’m not following all the best practices here, but so far so good.

VPS with a public ip (which just takes all the fun out of selfhosting)

Why do you say this? My VPS only runs a reverse proxy and WireGuard, with all services hosted on my computers at home.

Remember that RAID and redundancy is not backup.

Try to 3-2-1, or something similar/better, if you can.

I am fairly sloppy here, and I am also very cheap. I have multiple copies in my home for important stuff (mainly Immich), the in use copy being on SSD and a few backups on spinning rust. I have a raspberry pi with an external HDD at family’s place, with a daily rsync+snapshot, for off site backups.

Of course, I’ve never had a catastrophic failure, so who knows how smooth that would be…

I switched to Technitium and I’ve been pretty happy. Seems very robust, and as a bonus was easy to use it to stop DNS leaks (each upstream has a static route through a different Mullvad VPN, and since they’re queried in parallel, a VPN connection can go down without losing any DNS…maybe this is how pihole would have handled it too though).

And of course, wildcards supported no problem.

Maybe take a look at Outline. (Not affiliated, but I host it for myself.)

I also host KitchenOwl, but mostly just as a grocery list.

I’ve been pleased with it. Family is very relaxed about projects like this, but yeah it’s low power draw. I don’t think I have anything special set up but the right thing to do for power would be to spin down drive when not in use, as power is dominated by the spinning rust.

Uptime is great. Only hiccups are that it can choke when compiling the ZFS kernel modules, triggered on kernel updates. It’s an rpi 3/1GB RAM (I keep failing at forcing dkms to use only 1 thread, which would probably fix these hiccups 🤷).

That said, it is managed by me, so sometimes errors go unnoticed. I had recent issues where I missed a week of rsync because I switched from pihole to technitium on my home server and forgot to point the remote rpi there. This would all have been fixed with proper cron email setup…I’m clearly not a professional :)

Not the same, but for my Immich backup I have a raspberry pi and an HDD with family (remote).

Backup is rsync, and a simple script to make ZFS snapshots (retaining X daily, Y weekly). Connected via “raw” WireGuard.

Setup works well, although it’s never been needed.

They made the decision that would save the most lives, which is their job.

But they lied to the public, which undermines trust; IMHO this was a myopic decision.

As for the people doing what’s best for society, that’s antithetical to American individualism

Can’t speak for everyone, but Flex Alerts in California do indeed work (it’s when we’re asked to reduce energy consumption).

your faith was proven wrong with both masks and toilet paper being bought for resale at predatory prices, or just to maintain personal supplies at the expense of everyone else.

That’s a fallacy/faulty generalization — I’m not saying everyone behaves well, but from my experience, the vast majority do. The pandemic for me was a time where I really felt like we looked out for our fellow people, at least locally.

In 2020 they recommended against face masks for non-healthcare workers. My understanding is that they did this to conserve masks for healthcare workers, as did the WHO. IMHO that was a really shitty thing for them to have done. Presenting all the facts and pleading with the public would, I think, have resulted in higher trust in them as an institution, ultimately saving lives, but that’s just my opinion I guess.

But yeah, completely agree that even then it was more or less well meaning, as opposed to now.

They say “everything’s bigger in Texas,” but maybe that’s just because California hasn’t whipped it out until now…

Yeah, good point. The “app setup” is built into android and iOS as far as I can tell (generating matter credentials, etc.). Better than 3rd party IMHO but not ideal, and a nonstarter for a lot of folks. Hopefully HA will come out with their own onboarding process at some point.

Fair enough; I have a dedicated SSID which is VLAN’d off from the rest of my network with no Internet access. Only my HA server can talk to those devices.

+1 for ThirdReality. They’re a little pricey but I’ve generally had good luck with them.

I’ve also had pretty good luck with cheap Matter-over-wifi bulbs. Pairing them can be a little finicky and needs to go through an Android or iOS process, but after pairing you can block Internet access for them and they work great local-only.

There’s a bug in some wifi matter bulbs where they crash, especially when going from off to a desired brightness/color state (as in, “light on” works but “light to 50%, 3000K” will crash the bulb).

I don’t think you understand what local control of smart devices means…

Gosh I wonder why they’re against mail-in ballots.

Any voter in CA is eligible, and honestly, with the number of propositions and local stuff on the ballot it’s essential to do research ahead of time regardless of your political preferences. So much easier to fill it out over a few weeks IMHO.

Beware though, there may be new rules about needing it received rather than postmarked by the election date (which is obviously bullshit).

Looks great! I’m a huge fan of (almost) never using a cutting board—that’s what the counter is for!

Maybe not a service in the typical sense, but setting up your router+server to route your home network traffic through a VPN is a fun project.

My router (MikroTik) supports WireGuard, so I can use it with Mullvad for the whole house—but wg is demanding and it’s a slow router, so while it can NAT at ~1Gbps, it can’t do WireGuard at more than ~90Mbps. So, I set up WireGuard/Mullvad on a little SBC with a fast processor, and have my router use that instead. Using policy based routing and/or mangling, I can have different VLANs/subnets/individual hosts selectively routed through the VPN.

It’s a fun exercise, not sure I implemented it in a smart way, but it works :)

It doesn’t change your point, but he was impeached for perjury and obstruction of justice, not for a sex act.

IIRC Waterson got a lot of flak for this, as there’s an implication that parents who adopt don’t love their kids as much. (Recollection from reading one of his annotated collections, could be wrong.)

A professional degree is historically different from an academic degree though. Math, chemistry, physics, biology, computer science—these typically produce (well compensated!) professionals, but they are not professional schools.

I am professional; I get paid to do the kinds of things that I did in grad school. But afaik no one would say I hold a professional degree.

All of this is besides the point of course—our student loan system shouldn’t disqualify people based on these sorts of semantics.