That is a bad setup then. Not an issue of the software or hardware.

Yeah. And Netbird/Pangolin go a long way these days.

Have a look at Layer7,btw. They are more than decent and you can easily install Proxmox on them as a Hypervisor.

Just a theory: There is a good chance that your provider does CG-NAT and that was the issue with OpenVPN. These would persist with wireguard,sadly, unless you solve them properly. (Which can be tricky). But just for the book: Running an Wireguard Container behind your router and have a port forwarded to it is an option. (But still needs CG NAT adressed)

Thaft leaves you with a few options:

• Cloudflare: Imho a bad idea - it’s evil, it’s monopolistic and while it’s “an easy way” it has its technical downsides. As you said a domain is still required.

• Use a small VPS and run a wireguard tunnel and maybe pangolin as a reverse proxy on it.It has the benefit of being very flexible and once configured is fairly stable and it puts the security part outside your network. But it costs money unless you maybe make it work on oracle’s free tier. I would still recommend using a cheap domain,though)

• As others have mentioned: Tailscale/Zerotier/Netbird absolutely are an option if it’s just for you. But they get nasty if it’s for more people or larger deployments with tailscale and while netbird is far better it’s less common and does require a domain as well. (Which,again,is not a bad idea to have)

Netbox,especially when combinded with Plugins is so incredibly good and might,that’s it’s almost funny how good it is. What I do Plugin wise:

• Documents: not implemented yet by me,but one could store manuals,etc. directly within netbox.

• Lifecycle and Inventory: While it’s not as good as snipe-it (tbh, inventory is imho one of the worst plugins) it does the job for my small deployment

• Slurp it to scan automatically

• QR Code for obvious reasons

• Floorplan as well

Of course that sounds overkill for a small deployment, but I simply forget too many things after a few months otherwise and it’s something my family (wife is in IT and far more qualified than me) would need if something happens to me,so a proper documentation would be essential for that as well.

Just saying:

There are alternatives for LE,not for all things, but for a lot. Afaik not all of them do follow suit.

Yeah,Netbox is also my main solution, combined with forgejo repo.

Works very well.

Well, the AM transmitter in the old car won’t work anymore as well.

Cars do age the same in terms of user experience - they are simply frozen in the state they are. (And at least within the EU can be operated fully offline)

The author seems to be more concerned that his car might not get “new features” anymore - and that bothers hims as the “free update” culture is extending to a lot of things. Technology advances but nothing has changed about that - that was always the case and now we can at least update some things.

While I would love to have a carnaker offer a open source plattform that would make people able to update and modify the entertainment/navigation part of their car I actually spoke to a car makers product manager about it - and sadly the multitude of regulations cars fall under in their various markets makes that basically impossible.

More important would be that we campaign for other things in terms of laws (some are in place in the EU but are currently under pressure):

• Manufacturers need to provide security updates for online functions for 10 years after the end of production.

• Manufacturers need to provide navigation updates for 5 years after the end of production

• Cars need a designated fully offline mode

• Driving data obtained must not be used for commercial purposes. (Currently already implemented in the GDPR)

• Important and often overlooked: Manufacturers must provide service software tools for cars for ALL repair shops and for at least 20 years after end of production. AND we need to work towards an open source industry standard.

So far that’s not working to much,but development is fast it seems

Basically a book downloader that connects to various sources, mainly Annas archive, and then hands the downloads over to CWA(or booklore). While still heavily under development it works.

https://github.com/OrwellianEpilogue/ephemera

Calibre Web Automated and Ephemera. But looking to switch to Booklore some day,just haven’t had the time.

Mealie is far superior to Tandoor,imho.

Literally what I am doing,but has it’s drawbacks and is hard to sell to other people that are less technically inclined. And sometimes time is money…

And it lead to me not finding proper wodden frames which led to me needing a CNC… Etc. Etc.

You know how it goes.

Meanwhile all I want is a relatively cheap tablet sized display/AIO that can be powered by PoE and has no battery for displaying Home Assistant. (With ePaper it becomes totally crazy) Whoch seemingly is impossible.

I have a similar solution and waydroid works pretty well for a lot of things.

Thanks a lot. I expanded it a little bit.

Basically:

• Small proxmox node (Zimablade) that basically does only operate a Proxmox Backup Server for local clients and fast backup.

• Offsite ZFS send to a VPS I operate for that purpose. As well as Proxmox Backup Server for VMs,etc. Basically meant as a fast recovery option. (Layer7)

• Offsite S3 storage backup to a different provider from above. Meant for a medium term backup. (Hetzner and IONOS)

• Portable HD: I have two different portable HDs. One is hooked up to the Backup server, the other one is in a lock box in my banks safe. The “connected one” does a weekly backup (and is switched off in between). Once in a while (around 6 to 12 weeks, with 12 weeks being the hard maximum) I take the active one to the bank and both drives switch places. That provides a full backup. (WD My Book and Seagate Expansion - the differrnt manufacturers are intentional)

• Last line of defence: The real real important things (photos of life events-weddings,etc.- important documents,Password DBs) etc.) get burned on a M-disc Archive blue ray. They are also in the bank safe and at a secure third location. They are more meant for “shit hit the fan and I might not be there anymore,but maybe the kids want these”. Additionally they provide a defence against encryption viruses - write once reas many (WORM) has it’s advantages here.

This is another thing to consider: Have detailed descriptions for others how to retrieve your data in case something happens. I operate a private wiki (on an external server) that also gets saved into the M-Discs that has step by step instructions, as they might need to be followed by someone not that tech adept. (Like my In-Laws in case both my wife and I perish.), have notes in my password DB (Vaultwarden, which has a digital heritage/emergency access function and is also exported), in the vault, and a note in my will notifying people about this.

Edit: And: Test your recovery. Almost every data loss I have witnessed in the last years was a recovery problem. Missing encryption keys, data structure issues, etc. I have seen them all. Personally I try to recover a random file (as in: A script tells me which one) twice a year from every method and try a full recovery of each method at least once six month after introduction. Thst being said: It’s nice to have encrypted backups,but that doesn’t help if you can’t find the keys/the software does no longer exist,etc. Currently a LOT of my clients have the same problem: They use Tandberg RDX for backup, including WORM. Now, Tandberg has gone bust and it’s not that unlikely that yhey won’t be able get another RDX drive in 5 or 10 years. Or 20. Which is the legal requirement for some official files here. Well,fuck. They needed to get additional drives asap when the bankruptcy became official.

Friends have used ancient LTOs and now face the same issues - LTOs are not downwards compatible. (That’s why I use “common” technology. It’s extremely likely that I will be able to find a spare BD drive in 20 years,etc.)

Cyberpower OR600ERM1U or similar are nice - or the OL1000ERTXL2U if you want a online usv.

Not that the Eatons are bad,they are a little bit nicer in a few things, but often also more expensive.

Privileged or unprivileged LXC?

It’s at the maximum of the specs and these are meant for straight connections and usually indoors. Potential differences,lightning strikes, there is a lot of issues that are hard to diagnose.

Using a preconditioned fibercable is absolutely not an issue even for an inexperienced user - and the price difference is neglible in the end.

Ethernet that long and outside is a really really bad idea. Fiber is much better suited and not that more expensive.