TV
Posts: 0 | Comments: 120 | Joined: 2 yr. ago

  • Not my reply, but I’ve also had mixed tests playing with Netmaker. It’s a project I really want to like, but getting clients to work together is sometimes finicky. It’s a young project, so maybe the kinks will get worked out. I do like the admin UI.

  • If you’re looking for something more or less in the same footprint, I understand those cheap Wyze cameras can be used. There are alternative firmwares available that can be flashed to them to open up the RTSP stream to whatever self-hosted recorder you’d like. Haven’t tried it, but have heard it mentioned on the Self Hosted podcast.

  • It’s been on my agenda for a while to set up a Matrix server with an iMessage bridge with the idea I could interact with all of my message protocols from one place. I haven’t gotten around to it, but it might be worth a look.

  • I’d just give it time. Let the account sit unused and set any messages to be forwarded to your new account. If you don’t notice anything in the next year or so, you probably won’t miss anything that might still be linked.

  • Who says you can only get one? Don’t let the perfect be the enemy of the good; just get one of the fun ones you already came up with and in the future if you need a different one get that too. That’s been my approach, anyway.

  • My experience has been mostly positive. I hit a situation a couple times where a particular app hanging will prevent other flatpaks from launching. That took a while to figure out, but otherwise it’s pretty good. In general things work the way they’re supposed to.

  • My only experience with Homebrew is on macOS and I’ve switched to MacPorts there. Homebrew did some weird permissions things I didn’t care for (chowned all of /usr/local to $USER, if I’m remembering right). It worked fine on a single user system, but seemed like a bad philosophy to me. This was years ago and I don’t know how it behaves on Linux.

    I also prefer Firefox, but when I need a Chromium alternative for testing, I opt for the flatpak (or the snap) version personally.

  • I’ve done something similar, though not with OpenWrt. There may be a decent way to do this on the firewall, but I ended up using the ACLs available from the Tailscale console.

    I removed the default allow all rule. I made a group called admins that can access everything and then added a set of routes that everyone on the tailnet could access.

    I’ve only recently set this up, but initial testing seems to have this working as hoped.

  • Sorry to say I’ve never heard of spaceship, but wanted to make sure you know that Cloudflare now has a registrar service, so if you’re already using them for DNS, that might be worth a look for you.

  • This is the route I went as well. I have a couple MPU2016s at different sites. Like u/aodhsishaj indicated, they're pretty cheap on the used market; just bear in mind that you'll need a module for each machine. I think this makes sense if you have multiple machines, but I'm not so sure mine can power cycle connected machines (as in with AHCI controls). I can, however, reboot from the command line and interact with BIOS, etc.

  • Gotcha. That makes sense. My own thoughts are that if you mitigate all of the attack surfaces you can, it ends up coming down to the robustness of the particular app. I’ve never played with Keycloak, so can’t speak intelligently about that, but I’ve got authentik set up in a similar configuration. I limit access so the only way in is via either the reverse proxy or the PVE console and basically keep an ear out for security and software updates.

    As I type this, it occurs to me that perhaps there’s a fail2ban integration that could be added to limit credential guessing at the Keycloak web UI.

  • I’ve got one running in a Proxmox cluster. Getting it set up was a bit particular (due to the T2 chip if I remember correctly), but it’s been working flawlessly. I use the Quick Sync feature of the iGPU for my Jellyfin container.

    If you were going to buy something new, I think there are more cost effective boxes of about the same size and spec, but if you’ve got it already, you should definitely start playing with it.

  • Since you’re new to this and therefore probably haven’t set up too much infrastructure yet, let me put in a plug for ZFS for the file system underlying your data. That will unlock for you snapshots and the ability to send very efficient backups off site to another ZFS pool.

    There are commercial offerings for all this (I think rsync.net will give you a ZFS target), but I essentially have a second NAS set up at another location for the purpose.

    Beyond that, I’m also a big fan of BackBlaze B2, which can give you object-based online storage.

    As far as what to back up, that’ll depend on your setup. I usually find it simplest to back up my entire VM and do recovery by restoring the VM.

  • It sounds like you’re seeing a few different issues here and it makes me wonder if there’s some hardware issue that’s causing some of this or if the installation is botched (though it’d be odd for that to hose two different distros).

    Last time I looked Debian didn’t include sudo by default, so you’d have to install it first. To add yourself to the sudoers group, log in as root and run usermod -aG sudo mariah (assuming that’s your username). Then reboot (logging out your user should work too, but better be thorough).

    GRUB sometimes includes a timeout longer than I like and you can edit that in the /etc/default/grub file to something of your liking.

    Not sure what you mean about the commands, but maybe it’s an issue with your $PATH.