• 0 Posts
  • 16 Comments
Joined 2 years ago
Cake day: October 4th, 2023

  • Your top priority should be “Are my backups good? / Can I trivially roll back any breaking changes?” If an account oopsie can permanently compromise your users’ photos, then you have bigger problems to worry about.

    But assuming your backups are good, there isn’t much to worry about. I recommend you don’t take my word for it and thoroughly read the documentation of each of the services you want to put behind Authentik, but in general, when a service is configured to use SSO, if a user with the same ID already exists on the target service, they are simply merged. The most common ID for this is the email associated with that user on both Authentik and the service. Worst case, if the ID doesn’t match, you either get an error saying the user is invalid or you get a new user created on the target service.
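The comment above hinges on one thing: the identifier (usually the e-mail) matching on both sides. Below is an added example, not part of the comment or of Authentik, that does the pre-flight check a practitioner would want before enabling SSO: it takes the user lists from the identity provider and from the target service (both constructed here) and reports which accounts will merge, which will be created fresh, which will be orphaned, and which differ only by case or whitespace and so depend on how strictly the service matches. The `reconcile` function and the data are assumptions for illustration.

```python
"""Pre-SSO user reconciliation check (constructed example).

Compare the identifier both sides match on (e-mail) before pointing a
service at an SSO provider, so a mismatch is found on a list rather than
on a live login.
"""
from dataclasses import dataclass, field
from typing import Iterable, List, Tuple


@dataclass
class Reconciliation:
    merged: List[str] = field(default_factory=list)          # identical on both sides: will be merged
    new_on_service: List[str] = field(default_factory=list)  # IdP only: service will create a new user
    service_only: List[str] = field(default_factory=list)    # service only: orphaned once SSO is enforced
    near_miss: List[Tuple[str, str]] = field(default_factory=list)  # same after normalisation, raw differs


def normalise(email: str) -> str:
    """Case-fold and trim; this is the loosest matching a service might apply."""
    return email.strip().lower()


def reconcile(idp_emails: Iterable[str], service_emails: Iterable[str]) -> Reconciliation:
    """Classify every account on either side by how the SSO switch will treat it."""
    result = Reconciliation()
    idp = {normalise(e): e for e in idp_emails}
    svc = {normalise(e): e for e in service_emails}

    for key, raw in idp.items():
        if key not in svc:
            result.new_on_service.append(raw)
        elif raw == svc[key]:
            result.merged.append(raw)
        else:
            # Whether this merges or becomes a duplicate depends on the
            # service's matching rules; flag it rather than guess.
            result.near_miss.append((raw, svc[key]))

    for key, raw in svc.items():
        if key not in idp:
            result.service_only.append(raw)
    return result


# Constructed sample data: an IdP export and a target-service export.
AUTHENTIK_USERS = ["alice@example.org", "Bob@example.org", "carol@example.org"]
SERVICE_USERS = ["alice@example.org", "bob@example.org", "dave@example.org"]


def report(idp_emails: Iterable[str], service_emails: Iterable[str]) -> str:
    r = reconcile(idp_emails, service_emails)
    lines = [
        f"merged         : {r.merged}",
        f"new on service : {r.new_on_service}",
        f"service only   : {r.service_only}",
        f"near miss      : {r.near_miss}",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(AUTHENTIK_USERS, SERVICE_USERS))
```

Run it against real exports and treat anything in `near_miss` or `service_only` as something to fix (or to verify against the service's documentation) before the cut-over; the good-backups advice above still applies to whatever the check misses.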


  • Suggest to your friend to give Eturnal a try, maybe. I have it running on an Oracle free tier instance, and I use it daily to have video calls with my family using Synapse/Element (and Jitsi inside Element for group calls), and it works great. The documentation is very good too.

    Edit: this is my Eturnal config, for reference:

    ```yaml
    eturnal:
      listen:
        - ip: "::"
          port: 3478
          transport: udp
          enable_turn: true
        - ip: "::"
          port: 3478
          transport: auto
          enable_turn: true
        - ip: "::"
          port: 5349
          transport: tls
          enable_turn: true
      realm: turn.
      tls_crt_file: /etc/letsencrypt/live/turn./fullchain.pem
      tls_key_file: /etc/letsencrypt/live/turn./privkey.pem
      tls_options:
        - no_tlsv1
        - no_tlsv1_1
        - cipher_server_preference
    ```

    And the compose file:

    ```yaml
    services:
      eturnal:
        container_name: eturnal
        image: ghcr.io/processone/eturnal:latest
        environment:
          ETURNAL_RELAY_MIN_PORT: 49160
          ETURNAL_RELAY_MAX_PORT: 59160
          ETURNAL_RELAY_IPV4_ADDR:
          ETURNAL_RELAY_IPV6_ADDR:
          ETURNAL_SECRET:
        volumes:
          - ./eturnal.yml:/etc/eturnal.yml:ro
          - /etc/letsencrypt:/etc/letsencrypt:ro
        restart: unless-stopped
        read_only: true
        cap_drop:
          - ALL
        security_opt:
          - no-new-privileges:true
        network_mode: host
    ```
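The `ETURNAL_SECRET` in the compose file above is what ties the TURN server to the homeserver: Synapse derives short-lived TURN credentials from the same shared secret, so the relay never needs per-user accounts and a leaked credential is only useful until it expires. The following is an added example, not the commenter's code and not part of eturnal or Synapse, showing that derivation as the TURN REST API scheme defines it (username `"<expiry-unix-time>:<user>"`, password `base64(HMAC-SHA1(secret, username))`); it assumes eturnal applies that scheme to the configured shared secret, and the secret, user and timestamps are constructed values.

```python
"""Ephemeral TURN credentials from a shared secret (constructed example).

Implements the TURN REST API derivation used by Synapse's turn_shared_secret:
    username = "<expiry>:<user>"
    password = base64(HMAC-SHA1(secret, username))
Assumption: the TURN server (eturnal here) validates credentials this way.
"""
import base64
import hashlib
import hmac
import time
from typing import Optional, Tuple


def _password_for(secret: str, username: str) -> str:
    mac = hmac.new(secret.encode("utf-8"), username.encode("utf-8"), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")


def make_credentials(secret: str, user: str, ttl_seconds: int,
                     now: Optional[int] = None) -> Tuple[str, str]:
    """What the homeserver hands to a client: a username that encodes expiry, and its MAC."""
    now = int(time.time()) if now is None else now
    username = f"{now + ttl_seconds}:{user}"
    return username, _password_for(secret, username)


def verify_credentials(secret: str, username: str, password: str,
                       now: Optional[int] = None) -> bool:
    """What the TURN server does on ALLOCATE: check expiry, then the MAC in constant time."""
    now = int(time.time()) if now is None else now
    expiry_str, sep, _user = username.partition(":")
    if not sep or not expiry_str.isdigit():
        return False          # malformed username: no expiry field
    if int(expiry_str) <= now:
        return False          # credential has expired
    return hmac.compare_digest(_password_for(secret, username), password)


# Constructed values; a real secret comes from ETURNAL_SECRET / turn_shared_secret.
SECRET = "constructed-shared-secret"
USER = "@alice:example.org"
ISSUED_AT = 1_700_000_000
TTL = 86_400


if __name__ == "__main__":
    username, password = make_credentials(SECRET, USER, TTL, now=ISSUED_AT)
    print("username:", username)
    print("password:", password)
    print("valid now :", verify_credentials(SECRET, username, password, now=ISSUED_AT + 60))
    print("valid later:", verify_credentials(SECRET, username, password, now=ISSUED_AT + TTL + 1))
```

Because the password is a MAC over the username, neither side stores anything per user, which is why the shared secret is the one value in that compose file worth keeping out of version control and why a short TTL limits what a captured credential is worth.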


  • I have a bunch of ST6000NM0095 (which are similar specs) in my NAS, and despite already being well used when I got them, so far only one needed to be replaced in nearly 5 years of (my) usage.

    My only advice with these is: if you notice a maddening noise coming from them when they’re idle, update them to the latest firmware and it’ll go away.


  • This looks about right, I have a similar setup for unauthenticated services here, with the difference that I’m using NGINX Proxy Manager instead of Caddy. The things I would try/check are:

    • Make sure you’ve enabled the proxy provider in the local outpost config in Authentik.
    • Declare a common network between the two containers, so that they can communicate without having to go out through the host’s IP. This way you can reference the VS Code container directly by its service name in Authentik.
    • I’m not familiar with Caddy, but I would also try changing the code.test.example.com entry to point directly to Authentik’s IP and port (in other words, both entries would look the same). In the config you posted, it seems like Caddy is redirecting through itself.