I have my AP connected with a trunk link and configured to offer different SSIDs for different VLANs. I connect IOT devices to the IOT WiFi, and home assistant can see them since the machine running it is connected to that VLAN as well. Apart from the initial setup, this feels like less of a hassle, as firewall rules are already set up for this VLAN (no connection to internet or other VLANs). If I had to manually make sure that every new IOT device I add is incapable of talking to the internet, I think I’d go mad.

ssh is a protocol that is used to log in to a computer remotely. Servers are usually administrated not by plugging a keyboard and monitor into the server, but from another machine via ssh. You can configure ssh to allow login with the same username+password you would use locally, but it is common practice to only allow authentication with an ssh key.

ssh keys allow for much higher entropy like you suggested. They are also asymmetric, and the private key can be password-protected or stored on a smartcard.

Have you heard of ssh keys?

Imagine hosting a software on your own hardware and still choosing the one that makes you dependent on the whims of a corporation lmao

That’s how you know it’s valueable! I don’t want some crappy product they give away for free. \s

Seems fun, but is this case really gonna sit somewhere you actually see it? That seems awfully noisy when you add a few hard drives.

A router is not a network switch is not a wireless access point. Using the machine as a router works with one ethernet port.

I would still not recommend this approach, as your network will be unusable when this machine goes down.

If you find an encrypted drive, it’s extremely unlikely you can recover anything from it. If there is no LUKS header, it’s pretty much impossible.

+1 for Jellyfin!

I’d say NixOS is great for servers, mostly. Only having to worry about certain things (secure boot with custom keys, FDE, partition layout, network, sshd, firejail, etc.) once, and then replicating the same setup on another machine is waaay more convenient than going “I wonder what I was thinking when setting up this machine” once in a while when looking at some machine again you haven’t touched in some time. When it comes to desktop usage, the whole thing does not feel as magical - configuring system options in e.g. KDE is still a lot of clicking around in a GUI. I still use it for my desktop machine, just so I don’t have to think about another distro.

You just made my day, kind internet person! That’s exactly the holy grail setup I’ve been looking for for the last couple of months. Will try it out as soon as I can!

These containers are running on various servers I have at home, not on a desktop machine. I use podman as an alternative to docker, because it’s fully libre and does not require running containers as root. To be honest, I’ve never thought about running flatpak containers for these kinds of services – do you have a setup like this that you want to share?

Don’t get me wrong, I don’t support this. But I can see how the suits at Synology could come to the conclusion that this is a great idea

People who buy overpriced “solutions” instead of taking the time to configure a PC seem like exactly the crowd to enjoy a closed ecosystem (see apple)

You can use FDE and setup a minimal ssh server like dropbear to run at startup. This way, you can supply the password via a keyboard connected to the machine OR via ssh. This gives you a similar workflow to the data partition you mentioned, but encrypts the entire system.

I hate the cloudflare stuff making me do captchas or outright denying me with a burning passion. My fault for committing the heinous crime of using a VPN!

There are small SATA backplanes that allow you to fit 3 HDDs into two 5.25" slots (or 4 HDDs in 3 slots). You can find used ones for cheap (mine was 30€), and with some cheap tower case you could get something NAS-like with hot-swap drive bays for way cheaper