• 0 posts
  • 74 comments
Joined 1 year ago
Cake day: February 14th, 2025
  • I’m slowly moving in the direction and have learned a lot, but in my home network, all my devices get a bunch of IPs and services seem to choose at random the IP to listen on. My ISP changes my prefix at random. Devices don’t register in DNS. So even if I use the ULA it’s a lot of fucking typing.

    I also had this thing for a while where the MAC of a bhyve VM would change at boot so even the ULA changed. That fucked me for a while.

    OPNsense lets me create aliases allowing me to create firewall rules, so at least that works now… kinda. But I haven’t figured out privacy extensions.

    So yes, you’re right, 32 digits is a lot to keep in mind.

  • Not for zfs. I mount zfs on proxmox. Why I don’t just run samba on proxmox, I’m not sure. There is some fuckery with permissions to make it work in a container and permissions are unnecessary for my use case.

    But you don’t really need a UI for zfs. I ran it for 10 years on TrueNAS and only used it for initial setup.

  • Caddy is a proxy

    Your router is almost certainly also a firewall.

    The point of the reverse proxy, caddy, is to enable hosting on 443 instead of 42069 (and other stuff). Don’t open that to the public Internet.

    Caddy can’t reach your web server (or at least, get the expected response from it), iocane, so it’s throwing up a 421.

  • For a while there, there was a perception that Satya was trying to move away from that.

    Then they started firing people, cutting the sales budget, running licensing audits, and churning out trash, and it’s 100% back to business as usual.

    I remember the “this is my office” stickers the MS people had, when they were pushing the EMS. Now they’re required to be on site. Hmmm

  • I have one of their devices with an Intel CPU. I didn’t even boot the OS. Just popped in the firmware and told it to boot proxmox. But it’s an i5 with 32GB RAM so a different scenario than you’re thinking of. I’m still bitter about waiting for Black Friday to upgrade the RAM and paying double.

    It’s LPDDR, I think that’s not upgradable, and not a lot.

  • It may be simplest to move it to a hosted server. Depending on the length of outages, your comfort with electrical things, and your budget, you could get a bigger battery and use the inverter in the UPS (there are caveats: the inverter in the UPS is not rated for the higher end of its load past the battery capacity it’s got and may burn itself out, and the charger may not work properly with the larger battery or with a different chemistry), or get a battery/inverter box like an EcoFlow or that sort of thing. Solar may be a good bet too.

    I don’t know about matrix but failing over between public IPs probably requires an HA sync of some type and also DNS failover.

  • There is a reason that cloud services are popular with businesses. How does self-hosting this provide value to your customers in line with the time that you spend on IT tasks instead of your product? Do you have enough faith in your build that it will be secure and reliable? If you have downtime, does your business have flexibility to accommodate you doing IT work for hours without loss of revenue? If you go on vacation, who is on call?

    I’m not saying you shouldn’t, but do consider the time investment and risks. There are alternatives to M365 and Google.

  • Low tech options: a smart plug that power cycles if it can’t ping e.g. Google and have your edge devices plugged in there, or a timer that reboots the firewall at 0200 daily. I haven’t implemented either of these, despite having a network other people rely on about 400km from my house. I should remediate that…

    I have decided dual firewalls are silly without dual internet and dual power, as both those things go down more often than my FW.

    I have two instances of Pi-hole on two hosts, because I block DNS outbound to the best of my ability.
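
The "power cycle if it can't ping" watchdog from the comment above, written out as an added example (not the commenter's code, and not tied to any particular smart plug). It probes several targets rather than one so a single upstream resolver or host being down does not trigger a reboot, and it only acts after a run of consecutive failures. The `recover` function is a placeholder you would replace with your own plug API call or `reboot`; `PROBE_CMD` is an assumed hook that lets the logic be exercised without network access. The `ping -W` timeout flag is assumed to be Linux iputils syntax.

```shell
#!/bin/sh
# Added example: connectivity watchdog in POSIX sh.
# Probes several targets; recovery fires only when ALL targets fail
# for FAIL_THRESHOLD consecutive rounds, which avoids power-cycling
# the edge because one remote host happened to be down.

PROBE_TARGETS="${PROBE_TARGETS:-1.1.1.1 8.8.8.8 9.9.9.9}"  # constructed defaults
FAIL_THRESHOLD="${FAIL_THRESHOLD:-3}"   # consecutive all-fail rounds before acting
INTERVAL="${INTERVAL:-60}"              # seconds between rounds
BACKOFF="${BACKOFF:-600}"               # seconds to wait after a recovery action

# probe <target>: exit 0 if the target answers one ICMP echo within 2s.
# PROBE_CMD (assumed hook) replaces ping so the logic can be tested offline,
# e.g. PROBE_CMD=false simulates a total outage, PROBE_CMD=true a healthy link.
probe() {
    if [ -n "$PROBE_CMD" ]; then
        $PROBE_CMD "$1"
    else
        ping -c 1 -W 2 "$1" >/dev/null 2>&1   # Linux iputils flags (assumption)
    fi
}

# any_reachable: exit 0 if at least one target answered, 1 if every probe failed.
any_reachable() {
    for t in $PROBE_TARGETS; do
        if probe "$t"; then
            return 0
        fi
    done
    return 1
}

# evaluate <consecutive_failures>: prints the updated failure counter on
# stdout and exits 0 only when the counter has reached FAIL_THRESHOLD.
# Kept free of side effects so it can be unit tested.
evaluate() {
    fails="$1"
    if any_reachable; then
        echo 0          # link is up: reset the counter
        return 1
    fi
    fails=$((fails + 1))
    echo "$fails"
    [ "$fails" -ge "$FAIL_THRESHOLD" ]
}

# recover: placeholder for the actual action (smart-plug API call, reboot, ...).
recover() {
    echo "netwatch: all probes failed ${FAIL_THRESHOLD} rounds in a row, triggering recovery" >&2
}

# watchdog_loop: the long-running main loop. Start it with: ./netwatch.sh run
watchdog_loop() {
    fails=0
    while :; do
        if fails=$(evaluate "$fails"); then
            recover
            fails=0
            sleep "$BACKOFF"   # give the link time to come back before re-arming
        fi
        sleep "$INTERVAL"
    done
}

# Only enter the loop when explicitly asked, so sourcing the file for tests is safe.
if [ "${1:-}" = "run" ]; then
    watchdog_loop
fi
```

Run it from a host on the protected side of the edge device (not on the device being power-cycled, unless the reboot-at-boot behaviour is what you want), and log each recovery so a flapping upstream shows up as a pattern rather than a mystery reboot.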