Man when they finally git repo federation will be available…
I guess it’s because it’s “insecure”. Any device on the network could control the lights. Tasmota allows setting a password for the control panel though.
Hey, OP here again.
Here’s what I ended up with:
upgrading my TrueNAS CORE to TrueNAS SCALE - it was really easy, just upload a 1.3GB upload file through the web UI. CORE’s apps/plugins are based on BSD jails, where SCALE apps are based on Kubernetes/Docker, so I can run any arbitrary Docker container from Dockerhub as I please, rather than being limited to BSD jails
migrating all the VMs/LXCs to matching TrueNAS SCALE Applications. So e.g. my hand-made Navidrome LXC was migrated to the TrueNAS SCALE Application. Sometimes there was no equivalent TrueNAS app for what I was using - e.g. Forgejo, so I just ran an arbitrary container from dockerhub.
decommissioning the Proxmox mini-pc (Lenovo M920q). I’ll sell it later or maybe turn it into a pfSense router.
I installed a custom TrueNAS app repository called Truecharts. It has some apps that the default repo doesn’t have, and it also has a nice integration with Ingress (Traefik), which allows you to easily create a reverse proxy using just the GUI.
I’m still yet to figure out how to set up Let’s Encrypt for the services I made available to the Internet. I can no longer do things the Linux way, I must do it the Kubernetes way, so I’m kind of limited. Looks like HTTP01 challenges don’t work yet and I’ll have to use DNS01.
Looking back, I’m happy I consolidated. The hypervisor was idling all the time - so what’s the point of having a second machine? Also, the only centralized machine has IPMI, so I have full remote control, and I’ll hopefully never have to plug a VGA cable again. Of course, there’s no iSCSI fault path anymore, though I’m happy I got to experiment with it.
The downside is as I said - I’m forced to do things the Kubernetes/Docker way, because that’s what TrueNAS uses and that’s the abstraction layer I’m working on. Docker containers are meant for running things, not for portability. I’m sad that I can’t just pack things up in a nice LXC and drag it around wherever I please. Still, I don’t think I’ll be switching from TrueNAS, so perhaps portability isn’t that big of a deal.
I’m also sad that I … no longer have a hypervisor. Sure, SCALE can do VMs, but perhaps keeping TrueNAS virtualized would give me the best of both worlds.
I too get the feeling that the selection of devices with Tasmota pre-flashed is rather limited. Due to the nature of Tasmota, those devices will only be Wi-Fi devices, which further causes problems with battery usage (contrary to Zigbee/Z-wave etc.). 15 minutes ago I was looking at smart buttons that can run Tasmota, and I’ve only found the Shelly Button 1. And funnily enough, it’s possible to connect it with microUSB (!) so it stays charged.
All zigbee devices’ firmware is proprietary though, no? This is why I’m willing to suffer for Tasmota
The device list seems larger if you’re willing to flash Tasmota yourself: https://templates.blakadder.com/
Factually, it was how you described. Poetically, it was making my life as a customer unnecessarily difficult to the point where the word “impossible” is a valid form of artistic expression. I didn’t want to have to beg anybody to please unlock the device I paid for.
https://community.home-assistant.io/t/tp-link-offers-way-to-add-local-api-back
We are hoping for a better solution, but for now this is what you should do: Submit a ticket to technical support. Make sure to include the MAC address of your plug. Go to the forums and send this user a message with your ticket ID and MAC address (just to be sure).
https://community.home-assistant.io/t/tp-link-offers-way-to-add-local-api-back/248333/107
Please be advised that I intentionally cherry-picked the comments that support my point, as I was just skimming the thread.
I’m not sure how Hue lights work, but if they have any Wi-Fi component they’re essentially a device in your network. If compromised (by a hacker or by Philips themselves) they’re no different than a device next to yours on public Wi-Fi. Someone will definitely have a desktop PC with vPro with default credentials, or once in a while someone will log into something using HTTP without the S and leak plaintext credentials.
People more well versed in networking often put their IoT devices in a separate network/VLAN so that they are all lumped together and away from personal PCs.
Hell, I even block my ISP-issued modem/router/AP from ever getting an IP address on my network, and that way I can’t even receive tech support from them lmao
I bought a TP-Link smart bulb once. It was very nice - I could just download a “tp link bulb client” written for everyone by some third-party dude. If I wanted to, I could add a desktop shortcut to turn on/off the bulb.
Then TP-Link decided to automatically update the firmware of the bulb without my knowledge. The update turned off the REST API that made the third-party client work. I could only use the shitty MOBILE app from then on.
The update was impossible to revert (though TP-Link said “Ok write to our support and we’ll give you the downgrade file” no fuck you).
Ever since I’ve vowed to heavily think whether I want to buy a non-open-source firmware smart device ever again. Recently I bought a smart bulb and two smart sockets that come pre-flashed with “Tasmota” and “WLED” firmware out of the factory and they work great.
And I OWN them too
reminds me I need to setup sonarr, radarr and jellyfin
Nice list of games with screenshots at the bottom of the Warfork website https://warfork.com/#viewvault
https://www.reuters.com/article/us-facebook-deals-mapillary-idUSKBN23P3N6
I say it “didn’t work” because I don’t want to do free work for Meta (an evil company ltd), because who knows if they don’t start making money off of my free work
woah the concept of onfoss is so cool
Probably because of the recent RedHat drama right?
How is this different from Mapillary? That didn’t work well…
There’s a LESS_IS_MORE env var for less which makes it behave like more. Or something like that. Check the manpage
Ah right, sorry, switched things up. Indeed, I also use my registrar’s DNS system, but if I switched to something that has an API supported by certbot (e.g. dns zones that cost 0.5 eur in large cloud providers) it would work.
I want to buy a thinkpad that I can set up as a privacy machine
The older ThinkPads can go much further in the freedom/privacy realm than new ones. If you think you’d want to set up a custom BIOS etc., look at T440. There’s also T430 but it doesn’t support 4K output on external monitors. But you said you’re not “especially tech-literate”, so I assume you’re more towards the newer ones.
The video below makes the point “old but modifiable” vs “new and fast” https://www.youtube.com/watch?v=y2OB6zfL904
I used [large american registrar], but switched to a small one in my country because I wanted to pay a local business. I found it from somebody’s compilation of companies that offer a TLD for my country, and I just picked the recommended one in that post. It was the one that charged the least.
Keep in mind that with a smaller registrar you won’t be able to get a TLS cert using the “do some shit with my domain records” method - you’ll have to always install the nginx/Apache etc. plugin for Let’s Encrypt
Thanks for sharing, I didn’t know that. I still had the “from Cuba to Florida on a raft” image of the situation. Still, wouldn’t that leave poverty as the main barrier?
Thanks for making it clear that iSCSI power down is in fact one of the more grim scenarios, I couldn’t make out how bad of a situation it is. In an enterprise environment a SAN being down would require some type of incident report.
UPS - as you suggested - would solve most of my problems to be honest.
Well, Git is still centralized. Typically there’s only one main location where work on a project happens - a Git forge like GitHub, or in the simplest scenario just an SSH server.
Federation will help because it will allow working on a project in one forge from another forge. You could e.g. create a pull request on your own self-hosted forge (e.g. Forgejo instance) and then submit that pull request on another forge that’s hosted somewhere else. GitHub taking down a repo wouldn’t be as annoying, since people would still have the main sources of their pull requests in their own forges. And GitHub wouldn’t be able to remove their fork for whatever reason.