I’ve had to hard reset my controllers (both Zwave and Zigbee) a few times now, haven’t really found a cause but it’s usually been around times when updates were applied. It almost seemed to me like the device wasn’t released by the old container and that needed a hard disconnect to force it. IIRC logs just showed a generic can’t connect to device error but no sign of what had the device locked. First time I did some investigation, the few times it’s happened since then I just unplugged and reconnected the usb device, restarted the container and it worked after.
Check with your provider for SIP server, username and password, and if they have a suggested app (even if you don’t want to use it, it means they have some kind of support). It’s probably in their support pages somewhere.
I don’t know deConz but ZHA shows RSSI on the device in home assistant, and you can see RSSI in the Zigbee2MQTT UI list of devices. I’d assume it’s something like that in deConz.
I’d say if the device is closer to the controller then I’d suspect the devices. Do you have any other devices yet or just the Aquara sensors? It’s possible they work better through a Zigbee router too so you can try connecting them via one.
How is the link strength for the devices? Do they still drop off if you leave them right by the controller? If you’re just getting started I’m guessing you don’t have a strong mesh yet with plugged in devices to provide routers to the network.
My experience is that some manufacturers are better at following the spec and devices work better or worse based on that.
Silly question but does it still work directly without the proxy (like http://homeassistant.local:8123/ )? Check the logs in system- logs and see if you can find anything relevant. AFAIK the proxy shouldn’t change how calendars get loaded.
I use an acurite 06002RM temperature and humidity sensor with a rtl 433 compatible receiver plugged into home assistant and an rtl2mqtt add on. It’s indoor/outdoor and has worked well for all sorts of weather. Combined with a sun shade and it’s a good solution I think, and completely local.
I think it’s not quite as well known or prevalent as other services (as say SSH) so likely doesn’t have anything automated attacking it yet. If you check something like http://shodan.io/ against your ip, I’d guess the service has been found.
Home Assistant likely won’t come under any kind of attack until there’s a very easy to exploit, unpatched zero-day vulnerability in the wild. Given how many people (myself included) who have HA exposed publicly it’s really a matter of time. The best mitigation is not exposing publicly if possible, and staying up to date.
In my case I don’t expose HA over 8123, I have a proxy on 443 where HA is not the default host name, meaning if you don’t use the right host HA doesn’t receive the traffic. As I’d expect that automated attackers wouldn’t what my host is it’s a reasonable layer in the security onion. I don’t expect anything would realistically protect from a targeted attack but I’m also not important enough to be targeted.
You don’t need cards to have full bandwidth, they only time it will matter is when you’re loading the models on the card. You need a motherboard with x16 slots but even x4 connections would be good enough. Running the model doesn’t need a lot of bandwidth. Remember you only load the model once then reuse it.
An x4 pcie gen 4 slot has ~7.8 GiB/s theoretical transfer rate (after overhead), a x16 has ~31.5GiB/s - so disk I/O is likely your limit even for a x4 slot.
We can’t ever stop this kind of stuff, but with something like fail2ban you can set it up to block on too many failures.
Really though - ensuring your system is kept up to date and uses strong passwords or use a SSH keys is the best defence. Blocking doesn’t prevent them from trying a few times. Moving SSH to a non standard port will stop most of the automated attacks but it won’t stop someone who is dedicated.
Without looking at it it’s probably making a unique request to a resource on a NextDNS subdomain and watching where the request comes from. Like pulling an image from (unique _string).check.nextdns.com. This requires nothing special on the client, it’s making a standard request, and as part of that it needs to do a DNS lookup.
If the source of the and your IP are similar then it’s likely the same network, otherwise it can correlate the source with known resolvers.
I use HASS.agent to help manage my Windows desktop and expose various sensors to HA. It can suspend or hibernate the system. It does use MQTT as its connectivity plane.
You get easy access to their addons with a VM (aka HAOS). You can do the same thing yourself but you have to do it all (creating the containers, configuring them, figuring out how to connect them to HA/your network/etc., updating them as needed) - whereas with HAOS it generally just works. If you want that control great but go in with that understanding.
Yes I simplified. Some(? I’d hope all but probably not) new fobs do turn off (ignore the car broadcast) if they are not moved for a time. I proved this to myself with my 2020 car by putting my keys down by my car door, I could only unlock the car for a minute or two after I put it down, after that keyless entry didn’t work until I disturbed the fob to wake it up.
This is to mitigate the relay attack at home (and I’m sure other times, like if the key is in a purse), one avenue was that attackers would count on people hanging their keys by the door, so accessible to selective standing on the stoop with a relay. By turning off at rest they can’t be exploited this way.
Older fobs never turned off - so they are constantly broadcasting the signal for the car. Newer fobs do turn off when at rest so they’re less risky, but if say it’s in your pocket it’s constantly moving so someone could still relay it to steal your vehicle, assuming they get close enough to you.
The faraday bag is good for older fobs or if you think you’re at risk of a key relay attack.
BTRFS has RAID built into the file system - instead of using MD you use BTRFS profiles which tell the system how to handle data.
For instance
file system data (critical for the file system to function): raid1c3 which means 3 copies of core P file system data on 3 different devices
user data: raid1 (so duplicating all your data on two different devices)
With this set up you could lose one device (of n, the total doesn’t matter), and not lose any data, and still be able to boot to recover with too much hassle.
BTRFS does block checksums, can scan for bit rot and recover from it, and generally tries to make your data safe. It technically supports raid5/6 for user data, the issue is around unclean shutdowns and a potential write hole where you could lose data, but if your system has a UPS backup and is on a relatively recent kernel it’s not any more dangerous than MD raid5/6 as I understand it.
I’ve had to hard reset my controllers (both Zwave and Zigbee) a few times now, haven’t really found a cause but it’s usually been around times when updates were applied. It almost seemed to me like the device wasn’t released by the old container and that needed a hard disconnect to force it. IIRC logs just showed a generic can’t connect to device error but no sign of what had the device locked. First time I did some investigation, the few times it’s happened since then I just unplugged and reconnected the usb device, restarted the container and it worked after.
I haven’t had it happen for a while at least.